Chris Buechler wrote:
> On 3/4/07, Jukka Ruotsalainen <jukka dot ruotsalainen at cs dot helsinki dot fi> wrote:
>>
>> How the amount of sessions is setup?
>
> hard coded at compile time. You have to recompile the kernel to raise
> the limit.
>
>
>> Is it same as sysctl -w kern.ipc.somaxconn=32768 ?
>>
>
> No.
>
>
>
>> I use now
>>
>> sysctl -w kern.ipc.somaxconn=32768
>>
>> and set kern.ipc.nmbclusters=32768
>>
>
> I believe these aren't actually going to help anything. I believe they
> only affect traffic initiated by the firewall, or destined to daemons
> listening on the firewall, which would be next to nothing. I know the
> FAQ says otherwise (I wrote that FAQ quite a while ago, it needs to be
> revised once I have a chance to figure out for sure what the effect of
> those is in a firewall environment).
>
> -Chris
I have setup where I have about 50 users and m0n0 is acting as firewall
and traffic shaper, I do have a feel that I have more problems if I do
not set sysctl -w kern.ipc.somaxconn=32768
Then
All traffic is not routed to the wan so "smoothly", specially heavy p2p
traffic causes problems.
kern.ipc.somaxconn=32768 what it actually does?
Also some bsd tweak guides do recomend these settings, it should
increase max connections and protects against dos attacks?
I really hope some "performance" build of m0n0wall, nothing else, but
just tweaked settings so more memory and maybe processing power is used
properly.
I have no need to change pfsense.
Jukka